Free Linux software blocks hackers
- By Dan Caterinicchia, Dan Caterinicchia
- Apr 25, 2000
Information and the Libsafe source code
Certain electronic intruders will have to find a new way to wreak havoc
thanks to free Linux software released Thursday by Lucent Technologies'
The software blocks hackers who use the common technique of overflowing
an application's buffer memory to gain access to a computer.
Buffer overflows were the most common form of computer vulnerability exploited
over the past 10 years, according to a recent report funded by the Defense
Advanced Research Projects Agency and published by the Oregon Graduate Institute
of Science and Technology.
Lucent's new Libsafe software was designed specifically to prevent those
A buffer is a region of computer memory that application programs use to
temporarily store information. A problem occurs when programs write information
to buffers without properly checking the buffer size, which leaves them
vulnerable to attacks that cause a large amount of data to be written, overwriting
the memory immediately outside the buffer region. The overflow injects additional
code into an application program and then hijacks control of the program
to execute that code.
Linux, an open-source operating system, has been gaining momentum in the
government for the past few months. It has become prevalent in high-end
technical and network missions at agencies including NASA and Defense Department
Libsafe does not require access to the source code of the application programs
and protects all such programs running on a system, said Lucent spokesman
Dan Coulter. "It prevents this kind of attack even if the code is not written
right," he said. "Libsafe still protects the information even if the [buffer]
wasn't written to the right size."
Linux distributors including Red Hat Inc., Linux-Mandrake, TurboLinux Inc.
and Debian GNU/Linux are working with Bell Labs to incorporate Libsafe into
their software releases, according to representatives from each company.